As the TVA post highlights, company-wide awareness training has proven a success in their overall cyber resilience strategy. Email security firm, Mimecast shares a relevant post on the downsides to the lack of security awareness training and proposes a more balanced approach to prevent security fatigue. When evaluating current awareness programs, consider that security awareness should be convincing, engaging, and challenging – not obvious and boring. Mimecast makes the point that it is vital to implement not just security protocols, but the right procedures to ensure you are effectively leveraging your users as part of your security posture, while also not desensitizing them to processes. Mimecast